[Openswan Users] whack: Pluto is not running (no "/var/run/pluto.ctl")

Clif Smith openswan at cjs226.com
Fri Apr 29 23:37:49 CEST 2005 

Logs, logs and more logs:  :-)
/var/log/secure:
______ ipsec start begin    Fri Apr 29 22:30:46 CDT 2005 ______
Apr 29 22:30:47 centipede ipsec__plutorun: Starting Pluto subsystem...
Apr 29 22:30:47 centipede pluto[19773]: Starting Pluto (Openswan Version 
2.3.1 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID 
OEExalF{_o`m)
Apr 29 22:30:47 centipede pluto[19773]: Setting port floating to off
Apr 29 22:30:47 centipede pluto[19773]: port floating activate 0/1
Apr 29 22:30:47 centipede pluto[19773]:   including NAT-Traversal patch 
(Version 0.6c) [disabled]
Apr 29 22:30:47 centipede pluto[19773]: ike_alg_register_enc(): 
Activating OAKLEY_AES_CBC: Ok (ret=0)
Apr 29 22:30:47 centipede pluto[19773]: starting up 1 cryptographic helpers
Apr 29 22:30:47 centipede pluto[19773]: started helper pid=19774 (fd:6)
Apr 29 22:30:47 centipede pluto[19773]: Using Linux 2.6 IPsec interface code
Apr 29 22:30:47 centipede pluto[19773]: Changing to directory 
'/etc/ipsec.d/cacerts'
Apr 29 22:30:47 centipede pluto[19773]: Changing to directory 
'/etc/ipsec.d/aacerts'
Apr 29 22:30:47 centipede pluto[19773]: Changing to directory 
'/etc/ipsec.d/ocspcerts'
Apr 29 22:30:47 centipede pluto[19773]: Changing to directory 
'/etc/ipsec.d/crls'
Apr 29 22:30:47 centipede pluto[19773]:   Warning: empty directory
Apr 29 22:30:47 centipede pluto[19773]: added connection description 
"packetdefault"
Apr 29 22:30:47 centipede pluto[19773]: added connection description "block"
Apr 29 22:30:47 centipede pluto[19773]: added connection description 
"clear-or-private"
Apr 29 22:30:47 centipede pluto[19773]: added connection description "clear"
Apr 29 22:30:48 centipede pluto[19773]: added connection description 
"private-or-clear"
Apr 29 22:30:48 centipede pluto[19773]: added connection description 
"private"
Apr 29 22:30:48 centipede pluto[19773]: added connection description "TEST"
Apr 29 22:30:48 centipede pluto[19773]: listening for IKE messages
Apr 29 22:30:48 centipede pluto[19773]: adding interface eth0/eth0 
192.168.1.21:500
Apr 29 22:30:48 centipede pluto[19773]: adding interface lo/lo 127.0.0.1:500
Apr 29 22:30:48 centipede pluto[19773]: adding interface lo/lo ::1:500
Apr 29 22:30:48 centipede pluto[19773]: loading secrets from 
"/etc/ipsec.secrets"
Apr 29 22:30:48 centipede pluto[19773]: loading group 
"/etc/ipsec.d/policies/private"
Apr 29 22:30:48 centipede pluto[19773]: loading group 
"/etc/ipsec.d/policies/private-or-clear"
Apr 29 22:30:48 centipede pluto[19773]: loading group 
"/etc/ipsec.d/policies/clear"
Apr 29 22:30:48 centipede pluto[19773]: loading group 
"/etc/ipsec.d/policies/clear-or-private"
Apr 29 22:30:48 centipede pluto[19773]: loading group 
"/etc/ipsec.d/policies/block"
______ tunnel TEST begin Fri Apr 29 22:30:52 CDT 2005 ______
whack: Pluto is not running (no "/var/run/pluto.ctl")
Apr 29 22:30:55 centipede pluto[19773]: %hold otherwise handled during 
DNS lookup for Opportunistic Initiation for 192.168.1.21 to 192.168.1.11
Apr 29 22:30:55 centipede pluto[19773]: %hold otherwise handled during 
DNS lookup for Opportunistic Initiation for 192.168.1.21 to $MY_IP
Apr 29 22:30:55 centipede pluto[19773]: %hold otherwise handled during 
DNS lookup for Opportunistic Initiation for 192.168.1.21 to 192.168.1.12
______ tunnel TEST end Fri Apr 29 22:30:57 CDT 2005   ______
______ ipsec start end Fri Apr 29 22:30:57 CDT 2005      ______
______ ipsec start end Fri Apr 29 22:30:57 CDT 2005      ______
Apr 29 22:31:07 centipede pluto[19773]: %hold otherwise handled during 
DNS lookup for Opportunistic Initiation for 192.168.1.21 to 216.155.193.167
______ ipsec stop begin    Fri Apr 29 22:31:13 CDT 2005 ______
Apr 29 22:31:13 centipede pluto[19773]: shutting down
Apr 29 22:31:13 centipede pluto[19773]: "private": deleting connection
Apr 29 22:31:13 centipede pluto[19773]: "private-or-clear#0.0.0.0/0": 
deleting connection
Apr 29 22:31:13 centipede pluto[19773]: "private-or-clear": deleting 
connection
Apr 29 22:31:13 centipede pluto[19773]: "clear": deleting connection
Apr 29 22:31:13 centipede pluto[19773]: "clear-or-private": deleting 
connection
Apr 29 22:31:13 centipede pluto[19773]: "block": deleting connection
Apr 29 22:31:13 centipede pluto[19773]: "packetdefault": deleting connection
Apr 29 22:31:13 centipede pluto[19773]: "TEST": deleting connection
Apr 29 22:31:13 centipede pluto[19773]: shutting down interface lo/lo 
::1:500
Apr 29 22:31:13 centipede pluto[19773]: shutting down interface lo/lo 
127.0.0.1:500
Apr 29 22:31:13 centipede pluto[19773]: shutting down interface 
eth0/eth0 192.168.1.21:500
______ ipsec stop end Fri Apr 29 22:31:39 CDT 2005      ______

/var/log/messages:
______ ipsec start begin    Fri Apr 29 22:30:46 CDT 2005 ______
Apr 29 22:30:46 centipede kernel: NET: Registered protocol family 15
Apr 29 22:30:47 centipede ipsec_setup: KLIPS ipsec0 on eth0 
192.168.1.21/255.255.255.0 broadcast 192.168.1.255
Apr 29 22:30:47 centipede ipsec_setup: ...Openswan IPsec started
Apr 29 22:30:47 centipede ipsec_setup: Starting Openswan IPsec 2.3.1...
Apr 29 22:30:47 centipede ipsec_setup: insmod 
/lib/modules/2.6.10-1.770_FC3/kernel/net/key/af_key.ko
Apr 29 22:30:47 centipede ipsec_setup: insmod 
/lib/modules/2.6.10-1.770_FC3/kernel/net/ipv4/xfrm4_tunnel.ko
______ tunnel TEST begin Fri Apr 29 22:30:52 CDT 2005 ______
______ tunnel TEST end Fri Apr 29 22:30:57 CDT 2005   ______
______ ipsec start end Fri Apr 29 22:30:57 CDT 2005      ______
______ ipsec stop begin    Fri Apr 29 22:31:13 CDT 2005 ______
Apr 29 22:31:39 centipede kernel: NET: Unregistered protocol family 15
Apr 29 22:31:39 centipede ipsec_setup: ...Openswan IPsec stopped
Apr 29 22:31:39 centipede ipsec_setup: Stopping Openswan IPsec...
______ ipsec stop end Fri Apr 29 22:31:39 CDT 2005      ______

A ps during the process:
______ ipsec start begin    Fri Apr 29 22:30:46 CDT 2005 ______
root     19771     1  0 22:30 pts/4    00:00:00 /bin/sh 
/usr/lib/ipsec/_plutorun --debug  --uniqueids yes --nocrsend 
--strictcrlpolicy  --nat_traversal  --keep_alive  --force_keepalive 
--disable_port_floating  --virtual_private  --crlcheckinterval 0 
--ocspuri  --nhelpers  --dump  --opts  --stderrlog  --wait no --pre 
--post  --log daemon.error --pid /var/run/pluto/pluto.pid
root     19772 19771  0 22:30 pts/4    00:00:00 /bin/sh 
/usr/lib/ipsec/_plutorun --debug  --uniqueids yes --nocrsend 
--strictcrlpolicy  --nat_traversal  --keep_alive  --force_keepalive 
--disable_port_floating  --virtual_private  --crlcheckinterval 0 
--ocspuri  --nhelpers  --dump  --opts  --stderrlog  --wait no --pre 
--post  --log daemon.error --pid /var/run/pluto/pluto.pid
root     19773 19772  0 22:30 pts/4    00:00:00 /usr/libexec/ipsec/pluto 
--nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d 
--uniqueids
root     19774 19773  0 22:30 pts/4    00:00:00 pluto helper  #  0
root     19777 19771  0 22:30 pts/4    00:00:00 /bin/sh 
/usr/lib/ipsec/_plutoload --wait no --post
root     19779     1  0 22:30 pts/4    00:00:00 logger -s -p 
daemon.error -t ipsec__plutorun
root     19810 19773  0 22:30 pts/4    00:00:00 _pluto_adns
______ tunnel TEST begin Fri Apr 29 22:30:52 CDT 2005 ______
______ tunnel TEST end Fri Apr 29 22:30:57 CDT 2005   ______
root     19771     1  0 22:30 pts/4    00:00:00 /bin/sh 
/usr/lib/ipsec/_plutorun --debug  --uniqueids yes --nocrsend 
--strictcrlpolicy  --nat_traversal  --keep_alive  --force_keepalive 
--disable_port_floating  --virtual_private  --crlcheckinterval 0 
--ocspuri  --nhelpers  --dump  --opts  --stderrlog  --wait no --pre 
--post  --log daemon.error --pid /var/run/pluto/pluto.pid
root     19772 19771  0 22:30 pts/4    00:00:00 /bin/sh 
/usr/lib/ipsec/_plutorun --debug  --uniqueids yes --nocrsend 
--strictcrlpolicy  --nat_traversal  --keep_alive  --force_keepalive 
--disable_port_floating  --virtual_private  --crlcheckinterval 0 
--ocspuri  --nhelpers  --dump  --opts  --stderrlog  --wait no --pre 
--post  --log daemon.error --pid /var/run/pluto/pluto.pid
root     19773 19772  0 22:30 pts/4    00:00:00 /usr/libexec/ipsec/pluto 
--nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d 
--uniqueids
root     19774 19773  0 22:30 pts/4    00:00:00 pluto helper  #  0
root     19777 19771  0 22:30 pts/4    00:00:00 /bin/sh 
/usr/lib/ipsec/_plutoload --wait no --post
root     19779     1  0 22:30 pts/4    00:00:00 logger -s -p 
daemon.error -t ipsec__plutorun
root     19810 19773  0 22:30 pts/4    00:00:00 _pluto_adns
root     20016 19810  0 22:30 pts/4    00:00:00 _pluto_adns
root     20017 19810  0 22:30 pts/4    00:00:00 _pluto_adns
root     20018 19810  0 22:30 pts/4    00:00:00 _pluto_adns
______ ipsec start end Fri Apr 29 22:30:57 CDT 2005      ______
______ ipsec stop begin    Fri Apr 29 22:31:13 CDT 2005 ______
______ ipsec stop end Fri Apr 29 22:31:39 CDT 2005      ______








Paul Wouters wrote:
> On Tue, 26 Apr 2005, Clif Smith wrote:
> 
>> I'm using the openswan v2.3.1 fc3 rpms.  After I start ipsec and then 
>> run <ipsec auto --up TEST>, I receive:
>> whack: Pluto is not running (no "/var/run/pluto.ctl")
> 
> 
> There should be an error in the log why pluto stopped.
> 
>> Apr 26 20:53:55 centipede kernel: NET: Registered protocol family 15
>> Apr 26 20:53:55 centipede ipsec_setup: KLIPS ipsec0 on eth0 
>> 192.168.1.21/255.255.255.0 broadcast 192.168.1.255
>> Apr 26 20:53:55 centipede ipsec_setup: ...Openswan IPsec started
>> Apr 26 20:53:55 centipede ipsec_setup: Starting Openswan IPsec 2.3.1...
>> Apr 26 20:53:55 centipede ipsec_setup: insmod 
>> /lib/modules/2.6.10-1.770_FC3/kernel/net/key/af_key.ko
>> Apr 26 20:53:55 centipede ipsec_setup: insmod 
>> /lib/modules/2.6.10-1.770_FC3/kernel/net/ipv4/xfrm4_tunnel.ko
> 
> 
> Please check /var/log/secure
> 
> Paul

More information about the Users mailing list